US10003462B2 - Key generating method and apparatus - Google Patents


Publication number
US10003462B2
Authority
US
United States
Prior art keywords
picture
square
region
key
user
Prior art date
Legal status
Active, expires
Application number
US14/867,106
Other versions
US20160020902A1 (en)
Inventor
Lei Xu
Zhengde Zhai
Current Assignee
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd
Assigned to HUAWEI TECHNOLOGIES CO., LTD. Assignment of assignors interest (see document for details). Assignors: ZHAI, Zhengde; XU, Lei
Publication of US20160020902A1
Application granted
Publication of US10003462B2

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • G06K9/52
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06T IMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T3/00 Geometric image transformations in the plane of the image
    • G06T3/40 Scaling of whole images or parts thereof, e.g. expanding or contracting
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • G06K2009/4666
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06T IMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T2207/00 Indexing scheme for image analysis or image enhancement
    • G06T2207/20 Special algorithmic details
    • G06T2207/20021 Dividing image into blocks, subimages or windows

Definitions

  • the present disclosure relates to the field of mobile communications, and in particular, to a key generating method and apparatus.
  • Encryption is an effective method for implementing data protection.
  • When an encryption system is deployed in a smart device, one of the key issues is to ensure security of an encrypted key.
  • the key cannot be stored in a plaintext format in a smart device; instead, each time a key is needed, a key is generated by using input of a user in interaction with the user.
  • a smart device provides an interface for a user, the user enters an American Standard Code for Information Interchange (ASCII) character string on the interface, and the character string and a salt value selected by the smart device are connected and then input to a key generating function, to generate a key; or a smart device provides an interface for a user, the user selects a group of pictures on the interface, where each picture is assigned a unique identifier (ID), and the IDs of the pictures selected by the user and a salt value are used as input to a key generating function, to generate a key.
  • Embodiments of the present disclosure provide a key generating method and apparatus, which can bring convenience for memorization and use by a user and can also improve security of a key.
  • an embodiment of the present disclosure provides a key generating method, where the method includes acquiring complete picture data of a complete picture; displaying a partial picture of the complete picture in a display window; capturing a first picture from the partial picture, and generating first picture data of the first picture; and generating a key according to the first picture data.
  • the method further includes dividing the partial picture into equal squares and moving, using the square as a movement unit, the complete picture until the display window displays a needed partial picture.
  • capturing a first picture from the partial picture, and generating first picture data of the first picture includes capturing a part of the partial picture as the first picture, and generating the first picture data of the first picture; or capturing the entire partial picture as the first picture, and generating the first picture data of the first picture.
  • capturing a part of the partial picture or the entire partial picture as the first picture, and generating the first picture data of the first picture includes acquiring a region selected by a user in the partial picture, and using a picture corresponding to the region in the partial picture as the first picture; and representing the region selected by the user as a square set, and connecting, according to a specified rule, pieces of image data that correspond to all squares in the square set to form a binary string, where the binary string is the first picture data.
  • representing the region selected by the user as a square set includes the region selected by the user being a closed region; sequentially acquiring each square in the display window, and when the square is included in the closed region, the square belongs to the square set; or when only a part of the square is included in the closed region, computing an area of the part of the square included in the closed region, and when the area is greater than a first threshold, the square belongs to the square set.
  • representing the region selected by the user as a square set includes the region selected by the user being a closed region; sequentially acquiring each square in the display window, and when four sides of the square and the closed region have more than two intersection points, the square belongs to the square set; or when four sides of the square and the closed region have two intersection points and the two intersection points are on a same side of the square, the square belongs to the square set; or when four sides of the square and the closed region have two intersection points and the two intersection points are not on a same side of the square, computing an area of a trapezoid that is formed after the two intersection points are connected, and when the area is greater than a second threshold, the square belongs to the square set.
  • generating a key according to the first picture data includes performing hash computing, in which a specified quantity of iteration times is i, on the first picture data, to generate the key, where i is a natural number.
  • an embodiment of the present disclosure further provides a key generating apparatus, wherein the apparatus includes an acquiring unit, a display unit, a first processing unit, and a generating unit; wherein the acquiring unit is configured to acquire complete picture data of a complete picture, and send the complete picture data to the display unit; wherein the display unit is configured to receive the complete picture data sent by the acquiring unit, display a partial picture of the complete picture in a display window, and send the partial picture to the first processing unit; wherein the first processing unit is configured to receive the partial picture sent by the display unit, capture a first picture from the partial picture, and generate first picture data of the first picture; and wherein the generating unit is configured to generate a key according to the first picture data.
  • the apparatus further includes a second processing unit configured to divide the partial picture into equal squares and move, using the square as a movement unit, the complete picture until the display window displays a needed partial picture.
  • the first processing unit is configured to capture a part of the partial picture as the first picture, and generate the first picture data of the first picture; or capture the entire partial picture as the first picture, and generate the first picture data of the first picture.
  • the first processing unit is configured to acquire a region selected by a user in the partial picture, and use a picture corresponding to the region in the partial picture as the first picture; and represent the region selected by the user as a square set, and connect, according to a specified rule, pieces of image data that correspond to all squares in the square set to form a binary string, where the binary string is the first picture data.
  • the first processing unit is configured to, the region selected by the user being a closed region, sequentially acquire each square in the display window, and when the square is included in the closed region, the square belongs to the square set; or when only a part of the square is included in the closed region, compute an area of the part of the square included in the closed region, and when the area is greater than a first threshold, the square belongs to the square set.
  • the first processing unit is configured to, the region selected by the user being a closed region, sequentially acquire each square in the display window, and when four sides of the square and the closed region have more than two intersection points, the square belongs to the square set; or when four sides of the square and the closed region have two intersection points and the two intersection points are on a same side of the square, the square belongs to the square set; or when four sides of the square and the closed region have two intersection points and the two intersection points are not on a same side of the square, compute an area of a trapezoid that is formed after the two intersection points are connected, and when the area is greater than a second threshold, the square belongs to the square set.
  • the generating unit is configured to perform hash computing, in which a specified quantity of iteration times is i, on the first picture data, to generate the key, where i is a natural number.
  • complete picture data which is sent by a picture selector, of a complete picture is received; a partial picture of the complete picture is displayed in a display window according to the complete picture data; a first picture is captured from the partial picture, and first picture data of the first picture is generated; and the first picture data is sent to a key extractor, such that the key extractor generates a key according to the first picture data.
  • FIG. 1 is a schematic flowchart of a key generating method according to Embodiment 1 of the present disclosure.
  • FIG. 2 is a schematic principle diagram of a key generating method according to the present disclosure.
  • FIG. 3 is a schematic diagram of a key generating apparatus according to Embodiment 2 of the present disclosure.
  • a key generating method and apparatus in the embodiments of the present disclosure solve a problem that when an encrypted key is generated, a user needs to memorize input of the user, which brings inconvenience for use by a user, and an input entropy of a key generating function is relatively small, and provide a manner of generating a key by using an image characteristic as input to a key generating function, such that when a key is generated, a user only needs to memorize characteristic regions on some pictures and does not need to memorize a relatively long character string or related pictures and a sequence thereof.
  • FIG. 1 is a schematic flowchart of a key generating method according to Embodiment 1 of the present disclosure.
  • the method may be applied to any electronic device having a touchscreen.
  • the electronic device may be a mobile terminal such as a mobile phone, a tablet, or a laptop, or may be a fixed terminal such as a desktop computer or a server.
  • the method provided in this embodiment includes the following steps.
  • Step 101 Acquire complete picture data of a complete picture.
  • a terminal includes a picture selector, a region selector, and a key extractor, and this method is executed by the region selector.
  • a user selects one or more complete pictures by using the picture selector, and then the picture selector sends complete picture data of the one or more complete pictures selected by the user to the region selector, where the region selector includes a display window.
  • Step 102 Display a partial picture of the complete picture in a display window.
  • a complete picture selected by a user is generally large; therefore, the display window in the region selector can only display a partial picture of the complete picture.
  • the display window displays a partial picture of the complete picture, where the partial picture, which is displayed in the display window, of the complete picture is divided into equal squares, and sizes of the squares are adjustable.
  • Step 103 Capture a first picture from the partial picture, and generate first picture data of the first picture.
  • the user may select one or more regions on the partial picture with a finger or by using another device.
  • the selected region is a continuous closed region, and is usually irregular.
  • the region selector uses a part of a partial picture or an entire partial picture corresponding to the continuous closed region selected by the user on the partial picture as a first picture, and generates first picture data of the first picture.
  • the region selector generates the first picture data of the first picture in a manner of representing the region selected by the user as a square set S.
  • Representing the region selected by the user as a square set S includes, when the display window divides the partial picture of the complete picture into equal squares for display, and when a continuous closed region selected by the user on the partial picture is acquired, sequentially acquiring squares in the display window, and when a square is included in the continuous closed region, recording the square in the square set S; or when only a part of a square is included in the continuous closed region, computing an area of the part of the square included in the continuous closed region, and when the area of the part of the square included in the continuous closed region is greater than a first threshold, the square belongs to the square set S; and the rest can be deduced by analogy, until determining is performed for all the squares in the display window, where a value of the first threshold is determined according to an accuracy requirement selected by the user; for example, when the user has a high requirement for security, the first
  • representing the region selected by the user as a square set S may also include, when the display window divides the partial picture of the complete picture into equal squares for display, and when a continuous closed region selected by the user on the partial picture is acquired, sequentially acquiring squares in the display window, and when four sides of a square and the continuous closed region have more than two intersection points, the square belongs to the square set S; or when four sides of the square and the continuous closed region have two intersection points and the two intersection points are on a same side of the square, the square belongs to the square set S; or when four sides of the square and the continuous closed region have two intersection points and the two intersection points are not on a same side of the square, computing an area of a trapezoid that is formed after the two intersection points are connected, and when the area of the trapezoid is greater than a second threshold, the square belongs to the square set S; and the rest can be deduced by analogy, until determining is performed for all the squares in the display window, where a method for
  • pieces of image data corresponding to all squares in the square set S are connected according to a specified rule (for example, according to a top-to-bottom and left-to-right sequence of the squares in S in the display window), to form a binary string, and the binary string is the first picture data.
  • Step 104 Generate a key according to the first picture data.
  • the region selector sends the generated first picture data to the key extractor, and the key extractor performs, using a secure hash function according to a preset quantity of iteration times, hash computing in which the specified quantity of iteration times is i on the received first picture data, to generate a key, where i is a natural number.
  • the region selector may determine, according to a flag, whether it is the first time a key is generated on the terminal, that is, set the flag to 0 in an initial state and set the flag to 1 when the user sets a key for the first time, and when learning that a value of the flag is 1, the region selector can determine that it is the first time a key is generated on the terminal.
  • the key generating method is described using one region selected by a user on one picture as an example, but the present disclosure is not limited thereto; this method may also be used to process multiple regions selected by a user on multiple pictures, and a key is generated by using processed data as input to a key generating function. Besides, a salt value is not needed in a process of generating a key by using the key generating method provided in the present disclosure.
  • FIG. 3 is a schematic diagram of a key generating apparatus according to Embodiment 2 of the present disclosure.
  • the apparatus provided in this embodiment includes an acquiring unit 301 , a display unit 302 , a first processing unit 303 , and a generating unit 304 .
  • the acquiring unit 301 is configured to acquire complete picture data of a complete picture and send the complete picture data to the display unit 302 .
  • a user selects one or more complete pictures by using a picture selector, then the picture selector sends complete picture data of the one or more complete pictures selected by the user to a region selector, and the region selector acquires the complete picture data by using the acquiring unit 301 .
  • the display unit 302 is configured to receive the complete picture data sent by the acquiring unit 301 , display a partial picture of the complete picture in a display window, and send the partial picture to the first processing unit 303 .
  • a complete picture selected by a user is generally large; therefore, the display window in the region selector can only display a partial picture of the complete picture.
  • the first processing unit 303 is configured to receive the partial picture sent by the display unit 302 , capture a first picture from the partial picture, and generate first picture data of the first picture.
  • the first processing unit 303 is configured to capture a part of the partial picture as the first picture, and generate the first picture data of the first picture; or capture the entire partial picture as the first picture, and generate the first picture data of the first picture. Further, the first processing unit 303 is configured to acquire a region selected by a user in the partial picture and use a picture corresponding to the region in the partial picture as the first picture; and represent the region selected by the user as a square set, and connect, according to a specified rule, pieces of image data that correspond to all squares in the square set to form a binary string, where the binary string is the first picture data.
  • representing the region selected by the user as a square set includes sequentially acquiring each square in the display window, and when the square is included in the closed region, the square belongs to the square set; or when only a part of the square is included in the closed region, computing an area of the part of the square included in the closed region, and when the area is greater than a first threshold, the square belongs to the square set; optionally, representing the region selected by the user as a square set may also include acquiring a region selected by a user in the partial picture, and using a picture corresponding to the region in the partial picture as the first picture; and representing the region selected by the user as a square set, and connecting, according to a specified rule, pieces of image data that correspond to all squares in the square set to form a binary string, where the binary string is the first picture data.
  • the generating unit 304 is configured to generate a key according to the first picture data.
  • the generating unit 304 is configured to send the first picture data to a key extractor, such that the key extractor performs hash computing in which a specified quantity of iteration times is i on the first picture data, to generate the key, where i is a natural number.
  • the apparatus further includes a second processing unit configured to divide the partial picture into equal squares and move, using the square as a movement unit, the complete picture until the display window displays a needed partial picture.
  • Embodiment 1 of the present disclosure is embedded in the apparatus provided in this embodiment of the present disclosure. Therefore, a specific working process of the apparatus provided in the present disclosure is not described in detail herein.
  • the acquiring unit 301 acquires complete picture data of a complete picture; the display unit 302 displays a partial picture of the complete picture in a display window; the first processing unit 303 captures a first picture from the partial picture and generates first picture data of the first picture; and the generating unit 304 generates a key according to the first picture data.
  • the key generating method and apparatus in the embodiments of the present disclosure solve a problem that when an encrypted key is generated, a user needs to memorize input of the user, which brings inconvenience for use by a user, and an input entropy of a key generating function is relatively small, and provide a manner of generating a key by using an image characteristic as input to a key generating function, such that when a key is generated, a user only needs to memorize characteristic regions on some pictures and does not need to memorize a relatively long character string or related pictures and a sequence thereof.
  • Steps of methods or algorithms described in the embodiments disclosed in this specification may be implemented by hardware, a software module executed by a processor, or a combination thereof.
  • the software module may reside in a random access memory (RAM), a memory, a read-only memory (ROM), an electrically programmable ROM, an electrically erasable programmable ROM, a register, a hard disk, a removable disk, a compact disc ROM (CD-ROM), or any other form of storage medium known in the art.

Landscapes

  • Engineering & Computer Science
  • Computer Security & Cryptography
  • Computer Networks & Wireless Communication
  • Signal Processing
  • Physics & Mathematics
  • General Physics & Mathematics
  • Theoretical Computer Science
  • User Interface Of Digital Computer

Abstract

A key generating method and apparatus, where the method includes acquiring complete picture data of a complete picture; displaying a partial picture of the complete picture in a display window; capturing a first picture from the partial picture, and generating first picture data of the first picture; and generating a key according to the first picture data.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS
This application is a continuation of International Application No. PCT/CN2014/075369, filed on Apr. 15, 2014, which claims priority to Chinese Patent Application No. 201310518424.2, filed on Oct. 28, 2013, both of which are hereby incorporated by reference in their entireties.
TECHNICAL FIELD
The present disclosure relates to the field of mobile communications, and in particular, to a key generating method and apparatus.
BACKGROUND
With the popularization of smart devices, how to protect data in smart devices becomes a very important issue. Encryption is an effective method for implementing data protection. When an encryption system is deployed in a smart device, one of the key issues is to ensure security of an encrypted key. Generally, to protect an encrypted key, the key cannot be stored in a plaintext format in a smart device; instead, each time a key is needed, a key is generated by using input of a user in interaction with the user.
In the prior art, a smart device provides an interface for a user, the user enters an American Standard Code for Information Interchange (ASCII) character string on the interface, and the character string and a salt value selected by the smart device are connected and then input to a key generating function, to generate a key; or a smart device provides an interface for a user, the user selects a group of pictures on the interface, where each picture is assigned a unique identifier (ID), and the IDs of the pictures selected by the user and a salt value are used as input to a key generating function, to generate a key.
Therefore, in the prior-art method of using a character string or a group of sequential pictures as input to a key generating function, a user usually needs to memorize the input, which is inconvenient for the user, and the input entropy of the key generating function is relatively small, which leaves the key prone to attack.
SUMMARY
Embodiments of the present disclosure provide a key generating method and apparatus, which can bring convenience for memorization and use by a user and can also improve security of a key.
According to a first aspect, an embodiment of the present disclosure provides a key generating method, where the method includes acquiring complete picture data of a complete picture; displaying a partial picture of the complete picture in a display window; capturing a first picture from the partial picture, and generating first picture data of the first picture; and generating a key according to the first picture data.
In a possible implementation manner, after the displaying of a partial picture of the complete picture in a display window, the method further includes dividing the partial picture into equal squares and moving, using the square as a movement unit, the complete picture until the display window displays a needed partial picture.
In a possible implementation manner, capturing a first picture from the partial picture, and generating first picture data of the first picture includes capturing a part of the partial picture as the first picture, and generating the first picture data of the first picture; or capturing the entire partial picture as the first picture, and generating the first picture data of the first picture.
In a possible implementation manner, capturing a part of the partial picture or the entire partial picture as the first picture, and generating the first picture data of the first picture includes acquiring a region selected by a user in the partial picture, and using a picture corresponding to the region in the partial picture as the first picture; and representing the region selected by the user as a square set, and connecting, according to a specified rule, pieces of image data that correspond to all squares in the square set to form a binary string, where the binary string is the first picture data.
In a possible implementation manner, representing the region selected by the user as a square set includes the region selected by the user being a closed region; sequentially acquiring each square in the display window, and when the square is included in the closed region, the square belongs to the square set; or when only a part of the square is included in the closed region, computing an area of the part of the square included in the closed region, and when the area is greater than a first threshold, the square belongs to the square set.
In a possible implementation manner, representing the region selected by the user as a square set includes the region selected by the user being a closed region; sequentially acquiring each square in the display window, and when four sides of the square and the closed region have more than two intersection points, the square belongs to the square set; or when four sides of the square and the closed region have two intersection points and the two intersection points are on a same side of the square, the square belongs to the square set; or when four sides of the square and the closed region have two intersection points and the two intersection points are not on a same side of the square, computing an area of a trapezoid that is formed after the two intersection points are connected, and when the area is greater than a second threshold, the square belongs to the square set.
In a possible implementation manner, generating a key according to the first picture data includes performing hash computing, in which a specified quantity of iteration times is i, on the first picture data, to generate the key, where i is a natural number.
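The first-threshold square-set rule and the i-times iterated hash described above, combined with the top-to-bottom, left-to-right concatenation rule the embodiment gives as an example, are shown here as an added example that is not code from the patent. Assumptions: SHA-256 stands in for the unspecified secure hash function, the closed region is a polygon with integer vertices, the window is 8-bit grayscale, i is at least 1, and all function names are hypothetical; the sample picture and region are constructed.

```python
import hashlib
from fractions import Fraction


def clip_half_plane(poly, axis, bound, keep_ge):
    """One Sutherland-Hodgman step: keep the part of poly on one side of an
    axis-aligned line (x = bound when axis is 0, y = bound when axis is 1)."""
    inside = (lambda p: p[axis] >= bound) if keep_ge else (lambda p: p[axis] <= bound)
    out = []
    for k in range(len(poly)):
        p, q = poly[k - 1], poly[k]
        if inside(p) != inside(q):  # edge crosses the line: add the crossing point
            t = Fraction(bound - p[axis], q[axis] - p[axis])
            out.append((p[0] + t * (q[0] - p[0]), p[1] + t * (q[1] - p[1])))
        if inside(q):
            out.append(q)
    return out


def overlap_area(region, x0, y0, side):
    """Exact area of the closed region that falls inside one grid square."""
    poly = list(region)
    for axis, bound, keep_ge in ((0, x0, True), (0, x0 + side, False),
                                 (1, y0, True), (1, y0 + side, False)):
        poly = clip_half_plane(poly, axis, bound, keep_ge)
    twice = sum(poly[k - 1][0] * poly[k][1] - poly[k][0] * poly[k - 1][1]
                for k in range(len(poly)))  # shoelace formula
    return abs(Fraction(twice, 2))


def square_set(region, cols, rows, side, first_threshold):
    """Squares fully inside the region, or partly inside with an overlap area
    greater than the first threshold. Returned top-to-bottom, left-to-right."""
    chosen = []
    for r in range(rows):
        for c in range(cols):
            area = overlap_area(region, c * side, r * side, side)
            if area == side * side or area > first_threshold:
                chosen.append((r, c))
    return chosen


def first_picture_data(pixels, width, squares, side):
    """Concatenate the pixel bytes of each selected square into one binary string."""
    data = bytearray()
    for r, c in sorted(squares):
        for y in range(r * side, (r + 1) * side):
            start = y * width + c * side
            data += pixels[start:start + side]
    return bytes(data)


def derive_key(picture_data, i):
    """Hash the first picture data i times (SHA-256 is an assumption)."""
    if i < 1:
        raise ValueError("iteration count i must be at least 1")
    digest = picture_data
    for _ in range(i):
        digest = hashlib.sha256(digest).digest()
    return digest


# Constructed sample: an 8x8 grayscale window split into 2x2-pixel squares,
# and a rectangular closed region drawn across six of them.
WIDTH = HEIGHT = 8
SIDE = 2
PIXELS = bytes((y * WIDTH + x) % 256 for y in range(HEIGHT) for x in range(WIDTH))
REGION = [(1, 1), (5, 1), (5, 4), (1, 4)]

if __name__ == "__main__":
    squares = square_set(REGION, WIDTH // SIDE, HEIGHT // SIDE, SIDE, Fraction(3, 2))
    data = first_picture_data(PIXELS, WIDTH, squares, SIDE)
    print("square set:", squares)
    print("first picture data:", data.hex())
    print("key:", derive_key(data, 1000).hex())
```

With no salt and a plain iterated hash, the key depends only on the picture bytes and the square set, so the same selection on the same picture always yields the same key. A selection that lands on the other side of the first threshold for a single square produces an unrelated key.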
According to a second aspect, an embodiment of the present disclosure further provides a key generating apparatus, wherein the apparatus includes an acquiring unit, a display unit, a first processing unit, and a generating unit; wherein the acquiring unit is configured to acquire complete picture data of a complete picture, and send the complete picture data to the display unit; wherein the display unit is configured to receive the complete picture data sent by the acquiring unit, display a partial picture of the complete picture in a display window, and send the partial picture to the first processing unit; wherein the first processing unit is configured to receive the partial picture sent by the display unit, capture a first picture from the partial picture, and generate first picture data of the first picture; and wherein the generating unit is configured to generate a key according to the first picture data.
In a possible implementation manner, the apparatus further includes a second processing unit configured to divide the partial picture into equal squares and move, using the square as a movement unit, the complete picture until the display window displays a needed partial picture.
In a possible implementation manner, the first processing unit is configured to capture a part of the partial picture as the first picture, and generate the first picture data of the first picture; or capture the entire partial picture as the first picture, and generate the first picture data of the first picture.
In a possible implementation manner, the first processing unit is configured to acquire a region selected by a user in the partial picture, and use a picture corresponding to the region in the partial picture as the first picture; and represent the region selected by the user as a square set, and connect, according to a specified rule, pieces of image data that correspond to all squares in the square set to form a binary string, where the binary string is the first picture data.
In a possible implementation manner, the first processing unit is configured to, the region selected by the user being a closed region, sequentially acquire each square in the display window, and when the square is included in the closed region, the square belongs to the square set; or when only a part of the square is included in the closed region, compute an area of the part of the square included in the closed region, and when the area is greater than a first threshold, the square belongs to the square set.
In a possible implementation manner, the first processing unit is configured to, the region selected by the user being a closed region, sequentially acquire each square in the display window, and when four sides of the square and the closed region have more than two intersection points, the square belongs to the square set; or when four sides of the square and the closed region have two intersection points and the two intersection points are on a same side of the square, the square belongs to the square set; or when four sides of the square and the closed region have two intersection points and the two intersection points are not on a same side of the square, compute an area of a trapezoid that is formed after the two intersection points are connected, and when the area is greater than a second threshold, the square belongs to the square set.
In a possible implementation manner, the generating unit is configured to perform hash computing, in which a specified quantity of iteration times is i, on the first picture data, to generate the key, where i is a natural number.
In the embodiments of the present disclosure, complete picture data, which is sent by a picture selector, of a complete picture is received; a partial picture of the complete picture is displayed in a display window according to the complete picture data; a first picture is captured from the partial picture, and first picture data of the first picture is generated; and the first picture data is sent to a key extractor, such that the key extractor generates a key according to the first picture data. In this way, convenience is brought for memorization and use by a user, and by using a characteristic region of a picture as input to a key generating function, it can be ensured that an input entropy of the key generating function is large enough, which can improve security of a key.
BRIEF DESCRIPTION OF DRAWINGS
FIG. 1 is a schematic flowchart of a key generating method according to Embodiment 1 of the present disclosure;
FIG. 2 is a schematic principle diagram of a key generating method according to the present disclosure; and
FIG. 3 is a schematic diagram of a key generating apparatus according to Embodiment 2 of the present disclosure.
DESCRIPTION OF EMBODIMENTS
The following clearly describes the technical solutions in the embodiments of the present disclosure with reference to the accompanying drawings in the embodiments of the present disclosure. The described embodiments are merely some but not all of the embodiments of the present disclosure. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present disclosure without creative efforts shall fall within the protection scope of the present disclosure.
A key generating method and apparatus in the embodiments of the present disclosure solve a problem that when an encrypted key is generated, a user needs to memorize input of the user, which brings inconvenience for use by a user, and an input entropy of a key generating function is relatively small, and provide a manner of generating a key by using an image characteristic as input to a key generating function, such that when a key is generated, a user only needs to memorize characteristic regions on some pictures and does not need to memorize a relatively long character string or related pictures and a sequence thereof.
FIG. 1 is a schematic flowchart of a key generating method according to Embodiment 1 of the present disclosure. The method may be applied to any electronic device having a touchscreen. The electronic device may be a mobile terminal such as a mobile phone, a tablet, or a laptop, or may be a fixed terminal such as a desktop computer or a server. As shown in FIG. 1, the method provided in this embodiment includes the following steps.
Step 101: Acquire complete picture data of a complete picture.
Referring to a schematic principle diagram of a key generating method according to the present disclosure shown in FIG. 2, in FIG. 2, a terminal includes a picture selector, a region selector, and a key extractor, and this method is executed by the region selector. A user selects one or more complete pictures by using the picture selector, and then the picture selector sends complete picture data of the one or more complete pictures selected by the user to the region selector, where the region selector includes a display window.
Step 102: Display a partial picture of the complete picture in a display window.
It should be noted that a complete picture selected by a user is generally large; therefore, the display window in the region selector can only display a partial picture of the complete picture. After the region selector receives the complete picture data of the complete picture selected by the user, the display window displays a partial picture of the complete picture, where the partial picture, which is displayed in the display window, of the complete picture is divided into equal squares, and sizes of the squares are adjustable. When the user moves the complete picture on a screen to display a needed partial picture in the display window, a unit in which the user moves the complete picture each time is one square.
Step 103: Capture a first picture from the partial picture, and generate first picture data of the first picture.
When displaying a partial picture needed by the user in the display window by moving the complete picture, the user may select one or more regions on the partial picture with a finger or by using another device. Preferably, the selected region is a continuous closed region, and is usually irregular. The region selector uses a part of a partial picture or an entire partial picture corresponding to the continuous closed region selected by the user on the partial picture as a first picture, and generates first picture data of the first picture.
It should be noted that the region selector generates the first picture data of the first picture in a manner of representing the region selected by the user as a square set S. Representing the region selected by the user as a square set S includes, when the display window divides the partial picture of the complete picture into equal squares for display, and when a continuous closed region selected by the user on the partial picture is acquired, sequentially acquiring squares in the display window, and when a square is included in the continuous closed region, recording the square in the square set S; or when only a part of a square is included in the continuous closed region, computing an area of the part of the square included in the continuous closed region, and when the area of the part of the square included in the continuous closed region is greater than a first threshold, the square belongs to the square set S; and the rest can be deduced by analogy, until determining is performed for all the squares in the display window, where a value of the first threshold is determined according to an accuracy requirement selected by the user; for example, when the user has a high requirement for security, the first threshold may be set to a larger value, that is, may be set to 80% of an area of the entire square; when the user has a high requirement on convenience, the first threshold may be set to a smaller value, that is, may be set to 50% of an area of the entire square.
In another implementation manner, representing the region selected by the user as a square set S may also include, when the display window divides the partial picture of the complete picture into equal squares for display, and when a continuous closed region selected by the user on the partial picture is acquired, sequentially acquiring squares in the display window, and when four sides of a square and the continuous closed region have more than two intersection points, the square belongs to the square set S; or when four sides of the square and the continuous closed region have two intersection points and the two intersection points are on a same side of the square, the square belongs to the square set S; or when four sides of the square and the continuous closed region have two intersection points and the two intersection points are not on a same side of the square, computing an area of a trapezoid that is formed after the two intersection points are connected, and when the area of the trapezoid is greater than a second threshold, the square belongs to the square set S; and the rest can be deduced by analogy, until determining is performed for all the squares in the display window, where a method for determining a value of the second threshold is the same as the method for determining a value of the first threshold.
After the square set S is obtained, pieces of image data corresponding to all squares in the square set S are connected according to a specified rule (for example, according to a top-to-bottom and left-to-right sequence of the squares in S in the display window), to form a binary string, and the binary string is the first picture data.
Step 104: Generate a key according to the first picture data.
The region selector sends the generated first picture data to the key extractor, and the key extractor performs, using a secure hash function according to a preset quantity of iteration times, hash computing in which the specified quantity of iteration times is i on the received first picture data, to generate a key, where i is a natural number.
It should be noted that when the region selector determines that it is the first time a key is generated on the terminal, after the region selected by the user is converted into the square set S by using the foregoing process, it is required that the user selects a region on the partial picture again, and after the region selected by the user at the second time is converted into a square set S′, the first picture data is sent to the key extractor only when S=S′. The region selector may determine, according to a flag, whether it is the first time a key is generated on the terminal, that is, set the flag to 0 in an initial state and set the flag to 1 when the user sets a key for the first time, and when learning that a value of the flag is 1, the region selector can determine that it is the first time a key is generated on the terminal.
It should be noted that in this embodiment of the present disclosure, the key generating method is described using one region selected by a user on one picture as an example, but the present disclosure is not limited thereto; this method may also be used to process multiple regions selected by a user on multiple pictures, and a key is generated by using processed data as input to a key generating function. Besides, a salt value is not needed in a process of generating a key by using the key generating method provided in the present disclosure.
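Steps 103 and 104 and the first-time confirmation (S = S′) described above, as an added example that is not code from the patent. It assumes SHA-256 as the secure hash function, a polygon as the closed region, exact polygon clipping for the area test, a row-by-row reading of the "top-to-bottom and left-to-right" rule, and a constructed one-byte-per-pixel picture; all function names are hypothetical.

```python
import hashlib

def _clip(points, inside, cross):
    """One Sutherland-Hodgman pass: keep the part of the polygon where inside() holds."""
    out = []
    for a, b in zip(points, points[1:] + points[:1]):
        if inside(b):
            if not inside(a):
                out.append(cross(a, b))
            out.append(b)
        elif inside(a):
            out.append(cross(a, b))
    return out

def covered_area(region, x0, y0, x1, y1):
    """Area of the closed region (polygon vertex list) inside the square [x0,x1] x [y0,y1]."""
    def at_x(x):
        return lambda a, b: (x, a[1] + (b[1] - a[1]) * (x - a[0]) / (b[0] - a[0]))
    def at_y(y):
        return lambda a, b: (a[0] + (b[0] - a[0]) * (y - a[1]) / (b[1] - a[1]), y)
    pts = list(region)
    for inside, cross in ((lambda p: p[0] >= x0, at_x(x0)), (lambda p: p[0] <= x1, at_x(x1)),
                          (lambda p: p[1] >= y0, at_y(y0)), (lambda p: p[1] <= y1, at_y(y1))):
        if not pts:
            return 0.0
        pts = _clip(pts, inside, cross)
    # Shoelace formula on the clipped polygon.
    twice = sum(ax * by - bx * ay for (ax, ay), (bx, by) in zip(pts, pts[1:] + pts[:1]))
    return abs(twice) / 2.0

def square_set(region, rows, cols, cell, threshold):
    """Square set S: squares whose covered fraction exceeds the first threshold.

    A square lying wholly inside the region has fraction 1.0 and is always kept.
    The list order (rows top to bottom, columns left to right) is the assumed rule.
    """
    squares = []
    for r in range(rows):
        for c in range(cols):
            area = covered_area(region, c * cell, r * cell, (c + 1) * cell, (r + 1) * cell)
            if area / (cell * cell) > threshold:
                squares.append((r, c))
    return squares

def first_picture_data(pixels, width, squares, cell):
    """Connect the image data of every square in S into one byte string."""
    out = bytearray()
    for r, c in squares:
        for y in range(r * cell, (r + 1) * cell):
            start = y * width + c * cell
            out += pixels[start:start + cell]
    return bytes(out)

def derive_key(data, i):
    """Hash computing with i iterations (SHA-256 is an assumption; no salt, as on the page)."""
    if i < 1:
        raise ValueError("i must be a natural number")
    digest = data
    for _ in range(i):
        digest = hashlib.sha256(digest).digest()
    return digest

def enroll(pixels, width, first_trace, second_trace, grid, cell, threshold, i):
    """First-time key generation: release a key only when both traces give S == S'."""
    s1 = square_set(first_trace, grid, grid, cell, threshold)
    s2 = square_set(second_trace, grid, grid, cell, threshold)
    if not s1 or s1 != s2:
        return None
    return derive_key(first_picture_data(pixels, width, s1, cell), i)

# Constructed sample input: 8 x 8 squares of 16 px, synthetic grayscale picture.
CELL, GRID = 16, 8
WIDTH = CELL * GRID
PICTURE = bytes((7 * x + 13 * y) % 256 for y in range(WIDTH) for x in range(WIDTH))
TRACE_1 = [(20, 20), (76, 20), (76, 60), (20, 60)]    # first selection
TRACE_2 = [(19, 20), (77, 19), (76, 61), (20, 60)]    # slightly sloppier repeat
TRACE_OFF = [(36, 20), (92, 20), (92, 60), (36, 60)]  # shifted by more than one square

if __name__ == "__main__":
    print("S at 50%:", square_set(TRACE_1, GRID, GRID, CELL, 0.5))
    print("S at 80%:", square_set(TRACE_1, GRID, GRID, CELL, 0.8))
    key = enroll(PICTURE, WIDTH, TRACE_1, TRACE_2, GRID, CELL, 0.5, 1000)
    print("key:", key.hex())
    print("mismatch:", enroll(PICTURE, WIDTH, TRACE_1, TRACE_OFF, GRID, CELL, 0.5, 1000))
```

The two similar traces quantize to the same square set and so to the same key, while the shifted trace fails the S = S′ check. Because no salt is used, the same picture, square size, threshold and i always reproduce the same key.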
FIG. 3 is a schematic diagram of a key generating apparatus according to Embodiment 2 of the present disclosure. As shown in FIG. 3, the apparatus provided in this embodiment includes an acquiring unit 301, a display unit 302, a first processing unit 303, and a generating unit 304.
The acquiring unit 301 is configured to acquire complete picture data of a complete picture and send the complete picture data to the display unit 302.
A user selects one or more complete pictures by using a picture selector, then the picture selector sends complete picture data of the one or more complete pictures selected by the user to a region selector, and the region selector acquires the complete picture data by using the acquiring unit 301.
The display unit 302 is configured to receive the complete picture data sent by the acquiring unit 301, display a partial picture of the complete picture in a display window, and send the partial picture to the first processing unit 303.
It should be noted that a complete picture selected by a user is generally large; therefore, the display window in the region selector can only display a partial picture of the complete picture.
The first processing unit 303 is configured to receive the partial picture sent by the display unit 302, capture a first picture from the partial picture, and generate first picture data of the first picture.
In a specific embodiment of the present disclosure, the first processing unit 303 is configured to capture a part of the partial picture as the first picture, and generate the first picture data of the first picture; or capture the entire partial picture as the first picture, and generate the first picture data of the first picture. Further, the first processing unit 303 is configured to acquire a region selected by a user in the partial picture and use a picture corresponding to the region in the partial picture as the first picture; and represent the region selected by the user as a square set, and connect, according to a specified rule, pieces of image data that correspond to all squares in the square set to form a binary string, where the binary string is the first picture data.
In the foregoing embodiment, assuming that the region selected by the user is a closed region, representing the region selected by the user as a square set includes sequentially acquiring each square in the display window, and when the square is included in the closed region, the square belongs to the square set; or when only a part of the square is included in the closed region, computing an area of the part of the square included in the closed region, and when the area is greater than a first threshold, the square belongs to the square set; optionally, representing the region selected by the user as a square set may also include acquiring a region selected by a user in the partial picture, and using a picture corresponding to the region in the partial picture as the first picture; and representing the region selected by the user as a square set, and connecting, according to a specified rule, pieces of image data that correspond to all squares in the square set to form a binary string, where the binary string is the first picture data.
The generating unit 304 is configured to generate a key according to the first picture data.
In a specific embodiment of the present disclosure, the generating unit 304 is configured to send the first picture data to a key extractor, such that the key extractor performs hash computing in which a specified quantity of iteration times is i on the first picture data, to generate the key, where i is a natural number.
Optionally, the apparatus further includes a second processing unit configured to divide the partial picture into equal squares and move, using the square as a movement unit, the complete picture until the display window displays a needed partial picture.
The method provided in Embodiment 1 of the present disclosure is embedded in the apparatus provided in this embodiment of the present disclosure. Therefore, a specific working process of the apparatus provided in the present disclosure is not described in detail herein.
In Embodiment 2 of the present disclosure, the acquiring unit 301 acquires complete picture data of a complete picture; the display unit 302 displays a partial picture of the complete picture in a display window; the first processing unit 303 captures a first picture from the partial picture and generates first picture data of the first picture; and the generating unit 304 generates a key according to the first picture data. In this way, convenience is brought for memorization and use by a user, and by using a characteristic region of a picture as input to a key generating function, it can be ensured that an input entropy of the key generating function is large enough, which can improve security of a key.
It can be seen that the key generating method and apparatus in the embodiments of the present disclosure solve a problem that when an encrypted key is generated, a user needs to memorize input of the user, which brings inconvenience for use by a user, and an input entropy of a key generating function is relatively small, and provide a manner of generating a key by using an image characteristic as input to a key generating function, such that when a key is generated, a user only needs to memorize characteristic regions on some pictures and does not need to memorize a relatively long character string or related pictures and a sequence thereof.
A person skilled in the art may be further aware that, in combination with the examples described in the embodiments disclosed in this specification, units and algorithm steps may be implemented by electronic hardware, computer software, or a combination thereof. To clearly describe the interchangeability between the hardware and the software, the foregoing has generally described compositions and steps of each example according to functions. Whether the functions are performed by hardware or software depends on particular applications and design constraint conditions of the technical solutions. A person skilled in the art may use different methods to implement the described functions for each particular application, but it should not be considered that the implementation goes beyond the scope of the present disclosure.
Steps of methods or algorithms described in the embodiments disclosed in this specification may be implemented by hardware, a software module executed by a processor, or a combination thereof. The software module may reside in a random access memory (RAM), a memory, a read-only memory (ROM), an electrically programmable ROM, an electrically erasable programmable ROM, a register, a hard disk, a removable disk, a compact disc ROM (CD-ROM), or any other form of storage medium known in the art.
In the foregoing specific implementation manners, the objective, technical solutions, and benefits of the present disclosure are further described in detail. It should be understood that the foregoing descriptions are merely specific implementation manners of the present disclosure, but are not intended to limit the protection scope of the present disclosure. Any modification, equivalent replacement, or improvement made without departing from the spirit and principle of the present disclosure should fall within the protection scope of the present disclosure.

Claims (4)

What is claimed is:
1. A key generating method for securing an electronic device, wherein the method comprises:
receiving, by the electronic device, a selection of a complete picture;
displaying at least a partial picture of the complete picture in a display window of the electronic device;
receiving an input;
acquiring a region in the partial picture based, at least in part, on the input;
representing the region as a square set;
forming a string based, at least in part, on squares in the square set;
generating a key based, at least in part, on the string;
encrypting unencrypted data stored on the electronic device using the key; and
decrypting encrypted data stored on the electronic device using the key,
wherein acquiring the region comprises:
detecting a closed region defined by the input;
determining a first square is part of the region when the first square is entirely within the closed region;
determining a portion of the first square within the region when the portion of the first square is within the closed region;
determining the first square is part of the region when the portion of the first square is greater than a threshold; and
determining the first square is not part of the region when the portion of the first square is less than a threshold.
2. The method of claim 1, wherein receiving the input comprises at least one of:
receiving a touch at a touch screen of the electronic device; and
receiving a command from an input device of the electronic device.
3. The method of claim 1, wherein forming the string comprises connecting all squares within the closed region to form the string.
4. The method of claim 1, wherein generating the key comprises performing a hash on the string.
US14/867,106 2013-10-28 2015-09-28 Key generating method and apparatus Active 2034-09-27 US10003462B2 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CN201310518424 2013-10-28
CN201310518424.2A CN104579637B (en) 2013-10-28 2013-10-28 Key generation method and device
CN201310518424.2 2013-10-28
PCT/CN2014/075369 WO2015062210A1 (en) 2013-10-28 2014-04-15 Key generation method and device

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/075369 Continuation WO2015062210A1 (en) 2013-10-28 2014-04-15 Key generation method and device

Publications (2)

Publication Number Publication Date
US20160020902A1 US20160020902A1 (en) 2016-01-21
US10003462B2 true US10003462B2 (en) 2018-06-19

Family

ID=53003232

Family Applications (1)

Application Number Title Priority Date Filing Date
US14/867,106 Active 2034-09-27 US10003462B2 (en) 2013-10-28 2015-09-28 Key generating method and apparatus

Country Status (3)

Country Link
US (1) US10003462B2 (en)
CN (1) CN104579637B (en)
WO (1) WO2015062210A1 (en)

Also Published As

Publication number Publication date
US20160020902A1 (en) 2016-01-21
WO2015062210A1 (en) 2015-05-07
CN104579637B (en) 2019-01-18
CN104579637A (en) 2015-04-29

Legal Events

Date Code Title Description
AS Assignment

Owner name: HUAWEI TECHNOLOGIES CO., LTD., CHINA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:XU, LEI;ZHAI, ZHENGDE;SIGNING DATES FROM 20150922 TO 20150923;REEL/FRAME:036667/0183

STCF Information on status: patent grant

Free format text: PATENTED CASE

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 4